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Amendments to the Claims : 

This listing of claims replaces all prior versions and listings of claims in the application: 

Listing of Claims : 

1. (Currently amended) A mobile application security system, comprising: 

a central compute r, in commtmication with a first host computer and a second host 
computer, tlie first and second host computers executing a mobile application that jumps between 
the first and second host computers during execution and passes through the central computer. 
for controlling th e s e curity of a mobil e application; 

on e or mor e ho$t compaters connect e d to " th e servor computor^ each host comput e r 
e x e cuting th e mobil e application - that jumpG botwoon tho hootc during ojcoQution; 

the central computer fiirfher comprising means for monitoring ^ security of the mobile 
application as it the mobile application i umps between the first and second host computers 
wh e r e in when tho mobilo applioation io oommunioatod &om a firot hoot to a oooond hoat^ it 
pooooG through tho oontrol oomputor; 

wh e rein th e s e curity monitoring m e an s the means for monitoring fiirther comprisinges^ 
means for inspecting an access control h$t of the mobile apphcation to determine if code of the 
mobile application is marked as immutable, m e ans det e cting cod e of th e mobil e application 
mark e d as immutab le and means for replacing ^ immutable code with code known bv the 
central computer to be safe by th e central - Gomp tftoF. 

2. (Currently amoided) A mobile application security system, comprising: 

a central compute r, in communication with a first host computer and a second host 
computer, the first and, second host computers executing a mobile application that jumps between 
flie first _and second host computers during execution, passing through the central computer, 
oontrolling - ftio - socurity of a mobile appl i eation - 

one or mor e host computers connooted to tho server comput e r, oooh hoot oomputor 
e x e cuting th e mobil e application that jumps betw ee n the hosts during e x e cution; 



PAGE 4(13 ' RCVD AT mm 7:20:55 PM [Eastern Standard Time] ' SVR:USPT0-EFXRF-1/2 ' DN1S:8729306 ' CSID:6S0S39S071 ' DURATION {mmpUi 



03/01/2005 24 R^I 650$095071 



FISH & RICHARDSON 



i005 



Applicant : Chritopher A. "RygAard Attorney's Docket No.: ]S5 1 1-006001 

Serial No. : 09/758,941 

Filed : January 10. 2001 

Page : 4 of 12 



the central computer further comprising means for monitoring ^ security of the mobile 
application as it the mobile application jumps between the first and second host computeriggng^j.: m^. 
wh e r e in when th e mobil e applicatien - i -fi- conmiunioatcd from a first host to a s e cond host, it 
pass e s through th e oontral oomputcr; and 

whoroin - tho DGOurit;^^ - monitoring m e ans the means for monitoring further compri siii^ 
means for inspecting an access control list of the mobile application to determine if state data of 
the mobile application is marked as immutable, m e ans for detecting state data mark e d as 
inmiutabl e and means for replacing the immutable state data of the mobile application with state 
data known by the central computer to be safe by tho oontral computer . 

3. (Currently amended) A mobile apphcation security system, comprising; 

a central compute r^ in communication with a first host computer and a second host 
computer, the first and second host computers executing a mobile application that jumps between 
the first and second host computers during cxecutioa passing through the central computer, fef 
controlling tho aocurity of a mobile application; 

ono or mor e- h€> fi t - comput<^rs connootod to^ e s ^ e r computer, oach hoot computer 
e x e cutin g- tho mobile application that jumpo botwoon tho hootG during oxooution; 

the central computer further comprismg means for monitoring &e security of the mobile 
application as it the mobile application jumps between the first and second host computers 
whoroia whon - tho - mobilc application i s oommunioatod &om a - firat boat to a aooond host, it 
pass e s tterough th e- eontral computer; 

wher e in th e ■se curity monitoring m e ans the means for monitoring further compris ing^ , 
means for inspecting an access control list of the mobile application to determine if itinerary data 
of the mobile application is marked bs immutable, and means for replacing Ae immutable 
itinerary data with m itinerary data known b v the central computer to be safe by tho oentral 
computer . 

4. (Currently amended) The system of €ki» claim 3. wherein the itinerary data 
comprises past historical itinerary data. 
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5. (Currently amended) A mobile application security method, comprising: 
receiving a mobile application at a cratral computer each time the mobile apphcationis 

jumping between a first host and a second host; and 

monitoring ^ security of the mobile appHcation as it jumps between the first and second 
hosts, including inspecting an access control list of the mobile application to determine if code of 
the mobile application is marked as immutable, tho hoot oomputors. whoroin the aoourity 
monitoring furth e r compris e s dotocting oodo - of - tho mobilo application that io markod 
immutabl e and replacing fee immutable code with code known bv_the_ central computer to be 
safe by th e central ccmiput e r . 

6. (Currently amended) A mobile q?plication security method, comprising: 
receiving a mobile application at a central computer each time fhe mobile application is 

jumping between a first host and a second host; and 

monitoring ^ security of the mobile ^plication as it jumps between the first and second 
hosts, including inspecting an access control list of the mobile application to detemiine if state 
data of the mobile mplication is marked as immutable, th e host computers. 

whoToiD tho oQourity monitoring furth e r comprises d e t e cting a stat e of th e mobile 
application that ic marked as im - mutabl e and replacing &e immutable state data with state data 
that is known by the central computer to be safe by th e c e ntral comput e r ^ 

7. (Currently amended) A mobile application security method, comprising: 
receiving a mobile application at a central computer each time fhe mobile application is 

jumping between a first host and a second host; and 

monitoring fee security of the mobile appUcation as it jumps between the first and second 
hosts, including inspecting an access control list of the mobile application to detemiine if 
itinerary data of the mobile appHcation is marked as immutable, th e host ooniputGrfly whoroin - Ao 
fl e curity monitoring further comprises det e cting an itm e rary of th e mobil e c^liootion tha t4fl 
mark e d as immutabl e and rq)laoing fee immutable itinerary data with itinerary data known by 
the central computer to be safe by th e control oomputor . 
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8. (Currently amended) The method of Gteim claim 7, wherein the itinerary data 
comprises past historical itinerary data, 

9-14, (Canceled) 

15. (Ciurcntly amended) A mobile application security method, comprising: 
receiving a mobile application at a central computer each time the mobile application is 

jumping between a first host and a second host; and 

monitoring fte security of the mobile application as it jimips between the first and second 
hosts, including tho boat oomputors, whoroin the se curity monitoruig furth e r compris e s: 

saving tho mobile application code of the mobile application when the code is marked as 
immutablea the mobile application has not been dispatched in the past and g host dispatching 
the mobile application is trusted^ 

stripping the code from the mobile apphcation when the code is marked as immutable, 
the mobile application has not been dispatched in the past and the host dispatching the mobile 
application is not trusted, ^ 

replacing the code of the mobile application when the code is marked as inmiutable and 
the mobile ^)phcation has been dispatched in the past, and 

saving the code of the mobile application when the code is not marked as immutable. 

16. (Currently amended) A mobile application security system, comprising: 

a central compute r^ in conmiuiiication with a first host computer and a second host 
computer, the first and second host computers executing a mobile apphcation that jumps between 
the first and second host computers during execution and passes through the central coitiputer, 

for controlling th e security of a mobil e application ; 

on e or mor e host comput e r s conn e cted to th e s e rver conoputer, e ach ho s t computer 
e xecuting th e mobile apphcation that jump$ betw ee n th e hosts during e xecution; 

the central computer fiirfhex comprising means for monitoring fte security of the mobile 
application as it the mobile application jumps between the first and second host computers 
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wh e r e in when th e mobilo applioation is coimnuniGat e d from a first host Jo a s e cond host) it - -^^T^^etr 
pass e s tliTOUgh th e control computer; 

wh e r e in the security monitoring means further comprisinge&T 

means for saving feo - aaobilo applioation code of the mobile application when the code is 
marked as immutable, the mobile application has not been dispatched in the past and &e a host 
dispatching the mobile application is trusted, 

m^s for stripping the code from the mobile application when the code is marked as 
immutable, the mobile application lias not been dispatched in the past and the host dispatcfatog 
the mobile application is not trusted, 

means for replacing the code of the mobile Explication when the code is marked as 
immutable and the mobile application has not been dispatched in the past, and 

means for saving the code of the mobile application when the code is not marked as 
immutable, 

17. (New) A system, comprising: 

a server, in communication with a first host computer and a second host computer, the 
first and second host computes executing a mobile application that jumps between the first and 
second host computers during execution, passing through the server, the server inspecting an 
access control list of the mobile application to detemiine if data of the mobile application is 
marked as immutable and replacing immutable data with data known by the central computer to 
be safe to monitor security of the mobile apphcation as the mobile application jumps between the 
first and second host computers. 

18. (New) The system of claim 17, wherein the data of the mobile application is one 
from the groiqp containing code, state data and itinerary data. 

19. (New) The system of claim 17, wherein the server saves immutable data when the 
mobile ^plication has not been dispatched in the past and a host dispatching the mobile 
apphcation is trusted. 
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20. (New) The system of claim 17, wherein the server strips immutable data when the 
mobile application has not beeu dispatched in the past and a host dispatching the mobile 
application is not trusted. 

* 

2 1 . (New) The system of claim 17, wherein the server saves data not maiked as 
immutable when a host dispatching the mobile application is trusted* 

22. (New) The system of claim 17, wherein the server replaces immutable data whentiie 
mobile application has been dispatched in the past. 

23. (New) The system of claim 17, wherein the server forwards the mobile application 
to a receiving host. 

24. (New) A method at a server, comprising: 

monitoring security of a mobile ^plication as the mobile application jumps between a 
first host and a second host including: 

inspectiag an access control list of the mobile application to determine if data of the 
mobile application is marked as immutable; and 

replacing immutable data with data known to be safe. 

25. (New) The method of claim 24, wherein the data of the mobile application is one 
from the group containing code, state data and itinerary data. 

26. (New) The method of claim 24, further comprising: 

saving immutable data when the mobile CQ>phcation has not been dispatched in the past 
and a host dispatching the mobile ^>plication is tmsted. 

27. (New) The method of claim 24, wherein replacing comprises replacing immutable 

V 

data when the mobile application has not been dispatched in the past and a host dispatching the 
mobile application is not tmsted. 

28. (New) The method of claim 24, further comprising: 
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saving data not marked as immutable wlien a host dispatching the mobile applicatian is 

trusted. 

29, (New) The method of claim 24, wherein replacing comprises replacing immu 
data when the mobile application has been dispatched in the past. 

30. (New) The method of claim 24, fuither comprising: 
forwarding the mobile application to a receiving host. 
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